CVE-2026-10155 | Bdtask Multi-Store Inventory Management System 1.0 Accounts Report Accounts.php accounts_report_search dtpToDate sql injection

Inserito da Angelo Barbosa | Mag 30, 2026 | CVE

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. It has been classified as critical. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDate results in sql injection.

This vulnerability is reported as CVE-2026-10155. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-10155 | Bdtask Multi-Store Inventory Management System 1.0 Accounts Report Accounts.php accounts_report_search dtpToDate sql injection

Post correlati

CVE-2024-45759 | Dell PowerProtect DD up to 7.7.5.49/7.10.1.39/7.13.1.9 privileges assignment (dsa-2024-424)

CVE-2024-4647 | Campcodes Complete Web-Based School Management System 1.0 student_first_payment.php index cross site scripting

CVE-2024-5865 | Delinea Centrify PAS up to 23.1-HF6 path traversal (inea-2023-001)

CVE-2026-27691 | InternationalColorConsortium iccDEV up to 2.3.1.4 iccFromCube.cpp integer overflow